# This file is part of BlackArch Linux ( https://www.blackarch.org/ ).
# See COPYING for license details.

pkgname=parse-evtx
pkgver=3.a4b02b9
pkgrel=1
groups=('blackarch' 'blackarch-forensic')
pkgdesc='A tool to parse the Windows XML Event Log (EVTX) format.'
arch=('any')
url='https://github.com/KasperskyLab/ForensicsTools'
license=('GPL')
makedepends=('git' 'cmake')
source=("$pkgname::git+https://github.com/KasperskyLab/ForensicsTools.git")
sha512sums=('SKIP')

pkgver() {
  cd $pkgname

  echo $(git rev-list --count HEAD).$(git rev-parse --short HEAD)
}

build() {
  cd $pkgname

  cmake ./SOURCES/ -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE=Release \
    -DBUILD_TESTS=OFF

  make
}

package() {
  cd $pkgname

  install -Dm 755 "$srcdir/ForensicsTools/forensics/parse_evtx" \
    "$pkgdir/usr/bin/$pkgname"
  install -Dm 644 -t "$pkgdir/usr/share/doc/$pkgname/" README.md
}

